cpe:/a:microsoft:office:2007:sp3 cpe:/a:microsoft:office:2010:sp2 cpe:/a:microsoft:office:2013:sp1 cpe:/a:microsoft:office:2016 cpe:/a:microsoft:office:2016::~~click-to-run~~~ cpe:/a:microsoft:office_compatibility_pack:-:sp3 cpe:/a:microsoft:word:2007:sp3 cpe:/a:microsoft:word:2010:sp2 cpe:/a:microsoft:word:2013:sp1 cpe:/a:microsoft:word:2013:sp1:~~rt~~~ cpe:/a:microsoft:word:2016 CVE-2018-0802 2018-01-09T20:29:00.820-05:00 2018-03-16T12:09:27.543-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2018-03-14T12:33:30.060-04:00 BID 102347 SECTRACK 1040153 MISC https://0patch.blogspot.com/2018/01/the-bug-that-killed-equation-editor-how.html MISC https://github.com/rxwx/CVE-2018-0802 MISC https://github.com/zldww2011/CVE-2018-0802_POC CONFIRM https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0802 Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.